@RISK Newsletter for October 09, 2014

The consensus security vulnerability alert.

Vol. 14, Num. 40

This is a weekly newsletter that provides in-depth analysis of the latest vulnerabilities with straightforward remediation advice. Qualys supplies a large part of the newly-discovered vulnerability content used in this newsletter.

CONTENTS:

TOP VULNERABILITY THIS WEEK: Xen Hypervisor Denial of Service/Information Disclosure Vulnerability

NOTABLE RECENT SECURITY ISSUES SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP

Title: Xen Hypervisor Denial of Service/Information Disclosure Vulnerability
Description: A buggy or malicious HVM guest can crash the host or read data relating to other guests or the hypervisor itself.
Reference: http://xenbits.xen.org/xsa/advisory-108.html

Title: Bugzilla Information Disclosure Vulnerability
Description: An attacker creating a new Bugzilla account can override certain parameters when finalizing the account creation, which can lead to the user being created with a different email address than originally requested. The overridden login name could be automatically added to groups based on the group's regular expression setting.
Reference: http://www.bugzilla.org/security/4.0.14/
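The Bugzilla entry describes a general pattern: an account-finalization step that lets client-submitted parameters override the values recorded at signup, so the login (and any regex-based group membership keyed on it) ends up different from the address that was verified. The following is an added illustration of that pattern and its hardened form; it is hypothetical code, not Bugzilla's, and the group name, regular expression, and the `start_signup`/`finalize_*` functions are assumptions for the example.

```python
import re
import secrets

# Constructed group rule (assumption for the example): anyone whose login
# matches the regex is auto-added to the "internal" group, as Bugzilla does
# with per-group regular expressions.
GROUP_REGEX = {"internal": re.compile(r"^[^@]+@example\.com$")}

PENDING = {}  # signup token -> email address the verification mail was sent to
USERS = {}    # login -> created account record


def start_signup(email):
    """Record the address being verified and hand back the token for the link."""
    token = secrets.token_hex(8)
    PENDING[token] = email
    return token


def auto_groups(login):
    """Groups granted purely from the login string via the regex rules."""
    return sorted(name for name, rx in GROUP_REGEX.items() if rx.match(login))


def finalize_weak(params):
    """Weak pattern: every submitted parameter is merged over the stored one.

    A client that adds an "email" field to the finalization request replaces
    the address that was actually verified, and the regex-based group check
    then runs against the attacker-chosen login.
    """
    record = {"email": PENDING.pop(params["token"])}
    record.update({k: v for k, v in params.items() if k != "token"})
    record["groups"] = auto_groups(record["email"])
    USERS[record["email"]] = record
    return record


def finalize_hardened(params):
    """Hardened pattern: the login comes only from the server-side record.

    Only explicitly allowed cosmetic fields are taken from the request; the
    address is whatever was verified when the token was issued.
    """
    email = PENDING.pop(params["token"])
    allowed = {"realname"}
    record = {"email": email}
    record.update({k: v for k, v in params.items() if k in allowed})
    record["groups"] = auto_groups(email)
    USERS[email] = record
    return record


if __name__ == "__main__":
    # Constructed scenario: signup verified for an outside address, then a
    # finalization request that also carries an internal-looking "email".
    tok = start_signup("outsider@attacker.test")
    print(finalize_weak({"token": tok, "email": "someone@example.com"}))
    tok = start_signup("outsider@attacker.test")
    print(finalize_hardened({"token": tok, "email": "someone@example.com"}))
```

The defensive point is that the verified address must be the only source of truth at finalization; merging the request dictionary wholesale is what turns a cosmetic form field into a login override.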

RECENT VULNERABILITIES FOR WHICH EXPLOITS ARE AVAILABLE COMPILED BY THE QUALYS VULNERABILITY RESEARCH TEAM

This is a list of recent vulnerabilities for which exploits are available. System administrators can use this list to help in prioritization of their remediation activities. The Qualys Vulnerability Research Team compiles this information based on various exploit frameworks, exploit databases, exploit kits and monitoring of internet activity.

ID: CVE-2014-6271
Title: Multiple Vendor Bash Remote Code Execution Vulnerability
Vendor: Multiple Vendors
Description: GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
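Because the mod_cgi vector works by placing a Bash function definition (a value starting with `() {`) into request headers that the web server exports into the CGI environment, the same prefix is the signature a defender can look for in access logs. The following is an added detection example, not part of the newsletter or of any Qualys tooling; the log lines are constructed, and the field names and the `find_shellshock_probes` function are assumptions for the example.

```python
import re

# Constructed Apache combined-format log lines (not real traffic). The first
# and third carry a Bash function-definition prefix in the User-Agent and
# Referer fields respectively; the second is ordinary traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [25/Sep/2014:10:12:01 +0000] "GET /cgi-bin/status HTTP/1.1" 200 512 "-" "() { :; }; echo probe"
198.51.100.7 - - [25/Sep/2014:10:12:03 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
203.0.113.9 - - [25/Sep/2014:10:13:44 +0000] "GET /cgi-bin/test.cgi HTTP/1.1" 200 77 "() {:;}; echo probe" "curl/7.30"
"""

# Unpatched Bash treats an exported variable whose value begins with "() {" as a
# function definition and also executes whatever trails the closing brace. Any
# client-controlled header that begins this way is therefore worth flagging.
FUNC_DEF = re.compile(r"\(\)\s*\{")

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<user_agent>[^"]*)"$'
)


def parse_line(line):
    """Split one combined-format line into fields; None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_shellshock_probes(log_text):
    """Return one finding per header field that carries the function prefix."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        for field in ("referer", "user_agent"):
            if FUNC_DEF.search(rec[field]):
                findings.append({
                    "ip": rec["ip"],
                    "timestamp": rec["ts"],
                    "request": rec["request"],
                    "field": field,
                    "value": rec[field],
                })
    return findings


if __name__ == "__main__":
    for f in find_shellshock_probes(SAMPLE_LOG):
        print(f"{f['timestamp']} {f['ip']} {f['field']}: {f['value']!r}")
```

Logging shows only the Referer and User-Agent by default; other headers such as Cookie or custom headers are exported into the CGI environment too, so a complete check needs either extended logging or inspection at the proxy. Matching on the `() {` prefix rather than on a specific trailing command keeps the rule tied to the mechanism the CVE describes, so it is not defeated by whitespace or command variations.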